Risk

1/27/2009
10:09 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Liberty Alliance Launches Telecom Special Interest Group

SIG's goal: to develop best practices for managing identity-information and identity-enabled transactions and services in the global telecom sector

New York and Madrid, Jan. 27, 2009 - Liberty Alliance, the global identity community working to build a more trustworthy Internet for businesses, governments and people, today announced the launch of the public Liberty Alliance Telecom Special Interest Group (SIG). The group has been formed by representatives from Ericsson, NEC, NeuStar, Orange, Symlabs and TeliaSonera and is the tenth Liberty Alliance special interest group open to both Liberty Alliance members and non-members. The goal of the SIG is to develop best practices for managing identity-information and identity-enabled transactions and services in the global telecom sectors.

Liberty SAML 2.0 Federation and Liberty Identity Web Services are widely validated and deployed in the telecom and service provider industries. Gartner states that "SAML 2.0 has become the de facto federation standard across industries."1 Burton Group recommends organizations consider Liberty Alliance ID-WSF 2.0 specifications when implementing federation.2 The SIG is working to advance identity-enabled enterprise and Web 2.0 applications in the telecom sector based on Liberty Alliance standards and the Liberty Identity Governance and Identity Assurance Frameworks.

According to Jose Luis Mariz, strategic product manager at Ericsson and chair of the Liberty Alliance Telecom SIG, "The formation of the Telecom SIG provides organizations and individuals in the telecom industry with an important public forum for collaboratively fostering the next generation of interoperable, secure and privacy-respecting identity-enabled applications for businesses and people."

About the Public Telecom SIG

Members of the Liberty Alliance Telecom SIG are collaborating with other groups and standards bodies to identify and eliminate the technology and policy issues telecom operators face when it comes to the wide-scale deployment of interoperable identity-enabled applications and services. The new Telecom SIG joins a growing ecosystem of industry-specific SIGs formed by market leaders active in Liberty Alliance, such as Healthcare and eGovernment, who are working to ensure their specialized identity management and services requirements are being met by emerging technology and policy frameworks. Information about the Telecom SIG, including how to join public calls and mail lists, is available at http://tinyurl.com/9ffnke 1) Source: Gartner, Inc. "The U.S. Government's Adoption of SAML 2.0 Shows Wide Acceptance", by Gregg Kreizman, John Pescatore and Ray Wagner, October 29, 2007 2) Source: Burton Group "Federated Identity", by Bob Blakley, October 2008

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17437
PUBLISHED: 2018-09-24
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17438
PUBLISHED: 2018-09-24
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17439
PUBLISHED: 2018-09-24
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
CVE-2018-17432
PUBLISHED: 2018-09-24
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVE-2018-17433
PUBLISHED: 2018-09-24
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.